MSA raising regulatory requirements on cyber resilience

Moves are under way on a range of fronts to beef up security around the increasing number of financial processes carried out digitally.

One involves the Monetary Authority of Singapore (MAS) raising the regulatory requirements on cyber resilience in the finance industry, a senior MAS officer said yesterday.

Chief cyber security officer Tan Yeow Seng told the Visa Security Summit here yesterday that the MAS will issue a public consultation soon on cyber hygiene.

This will require financial institutions to implement a set of fundamental controls to raise their level of resilience to security threats.

They will also have to conduct independent reviews to ensure that they are compliant with the upcoming rules.

Mr Tan said financial institutions will have to "adopt cyber hygiene practices such as strong authentication, controlled use of administrative privileges and proper patch management".

The move to step up cyber resilience comes amid a growing market for digital payments.

Visa estimates that over half of all transactions in Asia-Pacific alone are still in cash. That translates to a US$6.1 trillion (S$8.2 trillion) cash opportunity, said Mr Chris Clark, Visa's group executive for Asia Pacific.

The MAS is working with the Association of Banks in Singapore to develop guidelines that would define technology risks faced by the sector. It will also strengthen collaboration by having banks come together to share information on cyberthreats.

The regulator has partnered with the Financial Services Information Sharing and Analysis Centre to set up its Asia Pacific Regional Analysis Centre. This facility allows financial institutions to share cyber threat information and other resources tailored for the region, said Mr Tan. Regulators can also share information on attack tools, modus operandi and countermeasures to mitigate the risk of future attacks. - THE STRAITS TIMES